Slashdot Mirror
Senate Passes Anti-Spam Bill
Zendar writes "Yahoo! is reporting that the 'U.S. Senate passed the first national anti-spam bill on Wednesday, giving momentum to an issue that has riled consumers almost as much as dinnertime phone calls.' However, the bill, referred to as the 'Can Spam' bill, is unlikely to pass the House and be signed by the President. Senator John McCain sums it up: 'The odds of defeating spam by legislation alone is extremely low, but that does not mean we should stand idly by and do nothing about it.' CNN also has the story."
I downloaded and installed the latest version last night and am very impressed with this seemlessly integrated Bayesian Spam Filter (make sure anti-virus software is disabled before installing -- which can be difficult with McAfee as I discovered).
Very much recomeeded.
-- @rjamestaylor on Ello
No, legislation is good if it's well thought out. CAUCE has always suggested expanding the TCPA Junk Fax provisions to junk email, and honestly that's a good solution. That lets civilians file their own legal action against spammers and the companies they advertise for $500 a pop instead of creating some huge worthless beaurocracy to deal with it.
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
SpamPal is good, too. It uses a plugin architecture that currently supports a regex-based body text scanner and Bayesian categorization. It also natively supports filtering of mail using DSNBLs for those of us who want to also use something other than content scanning.
Yup, all available fronts is good. Now, how about as many folks as possible start using the Active Spam Killer? I've been using it for a month or two and it seems great. If enough people used it then the wind would be taken out of the spammers sails (sales?) so to speak and the problem of spam would go away. Why spam if the message ain't getting through. So, hop over to sourceforge and download/install a-s-k, and do your part in the war against spam.
90% of the wealth is in 2% of the pockets. Bummer to be in the majority.
That's not the way spam works. An independant entity is doing SPAM and it is based in Russia. It will advertise "Get the lower rates for your mortgage" for example. Then, when someone respond to that and give its name/address, the Russian company will sell the personal informations collected to any company willing to pay $2 (or $n) for it in the U.S.
See, the mortgage company is not involved in the SPAM at all! The mortgage company just buys the name/addres of someone interested by low rates.
No one does anything wrong in the U.S. with this model.
Write boring code, not shiny code!
After reading about this in the Washington Post, where they noted that only e-mail providers or government entities could bring suit, I decided to look up the actuall bill to see if I, as a private e-mail administrator, could bring an action against someone under this bill. The text in question, however, said only "A provider of Internet access service adversely affected" could bring action. So I wrote my Senators to find out if they meant this to be only those who provide actual ISP service, or if people like me who run private e-mail servers could bring complaints. Should be interesting to find out what they say.
How To Get Humans To Mars
I've said it before and I'll say it again: You have to make buying from spam illegal. You can't prosecute the international spam supply - you can target the domestic demand for spam, however. It's simple economics, people!
GL
That's not the way the particular spam you mention works, correct. But the online pharmacies, stock pump-n-dump schemes, porn, 'work-at-home' and other spam messages generaly have a U.S. component to them that gets the cash eventualy.
If this bill could just eliminate spam for anti-spam software I would consider it a success.
A - "Do Not E-mail List"
Every person on the planet has to sign up for this enormous database, which would also likely involve an extensive creation of an "IP identity system" whereby one central source would now know who is connected everywhere on the network. Now there is no such thing as true anonyminity online. This IP database has tremendous privacy-invasion potential.
Furthermore, such a list would be a beast to maintain and place the administrative burden both on end users as well as the database maintainers.
It ultimately wouldn't work because the majority of spammers are small, mobile operations that are already engaging in illegal activity with impunity, so why anybody thinks they're going to suddenly adhere to a do-not-email list is foolish.
B - SMTP relay licenses
Every ISP or company that maintains an SMTP server is "licensed". This puts no burden on end users and results in a dramatically smaller database of authorized mail relays. The end user can choose to use an ISP that accepts mail only from authorized relays. The entity maintaining the database sets specific standards mail servers must adhere to (no header forging, accurate contact info, proper message labelling, etc.)
While I was writing this, I just got a spam.. the header says it's from yahoo.com but an IPWHOIS shows the source of the spam is from a mail relay in LATVIA; an IP with no reverse lookup defined.
With the SMTP whitelist, we don't have these problems. If the Latvian ISP wants to e-mail the Internet proper, it registers the addresses of its mail servers and adheres to industry standards. If not, the mail systems and ISPs that are sick of spam who subscribe to the whitelist tell them to piss off. Problem solved.
So let's say my address is ClintXYZ@unix.org. I could sign up for something as ClintXYZ+ajkfdsjdfasjoifdoj@unix.org and the email would still be received by me.
Come up with a system, like ClintXYZ+yahoodotcom@unix.org. Then, if a spammer ever harvests your address, and doesn't cleanse out the extra characters, and then spams you, you will know it was yahoodotcom that did it. [This is just an example; don't sue me Yahoo.]
This has worked at least once for me (After doing it for a few years). A yahoo store violated yahoo privacy policy by doing this, and I reported them to yahoo. Never followed up though.
It's also good for mailfiltering. ClintXYZ+slashdot@unix.org for example if I wanted to filter everything that came from slashdot into its own filter.
Beware of webforms that don't allow +'s in the email addresss. It's a grey area of email address validity.
-Clio
Karma: Bad (mostly from not giving a fuck)
Blog: http://clintjcl.wordpress.com
I think you're forgetting about one major and extremely important fact. 90% of the spammers out there are in the US. Do your homework and you'll quickly discover this. Some guy in Korea doesn't have any reason to spam me, a red-blooded redneck, about a good deal on a Korea supper-time delicacy. If they are spamming me about a US product then the US company that solicited that spamming is guilty of spamming. There's always a money trail and the vast majority leads right back here to the good ole US of A. Big list of email addresses or not, the US spammers can easily be caught.